During recent conversations with senior IT professionals working within NHS Trusts a similar theme keeps recurring. They know that they have done the right thing by investing in two-factor authentication (2FA) to provide the necessary protection that their IT infrastructure needs, but now they feel like they are being punished for that decision, as the large initial investment has been compounded with high ongoing running costs and inflexible systems that cannot adapt to how their staff work today.
Does this sound familiar?
Go back five years and hard-tokens were really the only viable option if you wanted to add additional layers of security, and also respond to the need for consultants and other healthcare professionals to be able to be more agile in how they access important networked resources, whether on or off site. However, hard-token 2FA came at a price with initial hardware costs, slow deployment, extensive staff training, laborious administration as users come and go, the need to replace broken and lost devices, and excessive licensing costs. As a result these organisations now feel like that they have no other option but to stick with what they have, yet this could not be further from the truth.
With pressure to reduce costs and improve performance, without impacting front-line services, NHS Trusts need to be scrutinising and challenging every aspect of their day-to-day operations. When you challenge how authentication is currently being run versus what is now possible, it opens up a bright world of new opportunity.
As with all technology, what is possible today with modern authentication solutions bears little resemblance to what has gone before, both in how it functions and how much it costs. These solutions are based on innovative patented technology, which whilst new have been rigorously tried, tested and proven not only within the NHS but other public sector organisations, as well as banks and law firms.
These new solutions offer ‘traditional’ 2FA but also 1.5FA (for instances where authentication is necessary but full 2FA is not necessary). Crucially, they replace hard-tokens with a soft-token that can easily be installed via an app on the users mobile device. As a result, it is far more scalable (deployment to over 1,000 users can be done in a matter of minutes) without ever needing to buy more hardware. And, as it integrates with the Active Directory it gives the IT department far greater policy control over who can access what and when, which is particularly valuable in managing permissions for the large number of contractors that come and go.
Another major benefit is removing the reliance on passwords as these new solutions favour a pattern-based approach, meaning staff wanting quick access to a vital piece of information do not have to remember their password, and the IT Helpdesk isn’t overrun with reset requests.
One fantastic example of how this new form of authentication is working in practice comes from Liverpool Heart and Chest Hospital that took the decision to replace its incumbent system with a replacement. In the words of the IT Operations Manager, Matt Connor who oversaw the project: “We needed to find a replacement that would pair high levels of security, authentication and verification, to protect systems and the confidential data residing on them, with a straightforward, reliable and quick sign-in process to encourage widespread usage.”
What is more, the vendors that have innovated this new generation of authentication solution understand and are sympathetic to the plights of NHS Trusts, having the skills and expertise to make the changeover seamless and stress-free. Furthermore, they are able to provide compelling return-on-investment coupled with strong incentives to help make the decision to transition even easier.
The final word goes to Mr. Connor who offers these words of wisdom: “We had total confidence in replacing our hard-tokens with a 1.5FA solution and we would encourage other NHS Trusts to explore this approach.”
Read the full story about the experience of Liverpool Heart and Chest Hospital making the switch.